Microsoft Command Line Tools – CompTIA A+ 220-1002 – 1.4

There are many important command line utilities that you will use during both normal operation and while troubleshooting a Windows computer. In this video, you’ll learn about commands such as chkdsk, diskpart, taskkill, xcopy, and more.

<< Previous Video: Installing and Upgrading Windows Next: Network Command Line Tools >>

Most of the time when you’re using Windows, you’ll be working in a graphical environment. There may be times when a command line is the only option available to you. So in this video, we’ll look at some of the most popular Microsoft command line tools.

As you’re probably aware, the Windows operating system has two separate privileges– one for the user and one for the administrator. For most of what you do, you’ll be using standard privileges. But there are certain applications and certain functions in the operating system that need elevated permissions. And in those cases, you’ll want to run as an administrator.

To be able to run at the command prompt as an administrator, you’ll first need to be a member of the administrator’s group. And then you’ll need to right click the command prompt and choose Run as Administrator. There’s also a shortcut you can use, which is to type the cmd command and then choose Control Shift Enter to run that command as an administrator.

Here’s a command prompt that I’m running on Windows 10 that I’m running with administrator permissions. And you can see that it says Administrator Command Prompt at the top of the screen. To be able to do this, I started down at the bottom, I typed cmd– that would be for the command prompt.

Windows 10 does show me the command prompt is here, but instead of left clicking the command prompt, I’m going to right mouse click and choose “Run as administrator,” and when I do that, Windows will ask me if I would like to allow this app– which in this case would be the command prompt– to make changes to your device. This is your warning that you’re going to be performing functions at this command prompt that could make drastic changes to the operating system.

So we’re going to choose Yes. And our command prompt will open in a separate window. And now we can begin using that command prompt with elevated privileges.

The command prompt is a daunting environment to work in. There’s no graphical interface, and it’s difficult to memorize all of the different options that might be available for a particular command. For that reason, the operating system includes a help command. So if you’d like help on the directory command, you can type help dir. Or if you need help on the copy command, you can type help copy, and you’ll get all of this information about how to run that particular command.

Another shortcut to using this help is to type in the name of the command, and then use /? which will bring up the same screen as typing help and the name of the command. Once you’re finished using the command prompt, if you’d like to close out the command prompt window, you simply type exit and press Enter. These help commands are useful when you’re working at the command prompt and you need a little bit more information. Some of this information may or may not be available on your exam, so it’s important to memorize as much of this as possible.

Let’s look at all of the different options available for the copy command. I’ll type help and copy. And we’ll see all of the syntax and all of the options available when using copy. Now let’s get the same information by using the /?. I’ll type cls to clear the screen, and then we’ll type the copy command with a space and a /? to view exactly the same help information.

When you’re working at the command prompt, you may want to list out all of the files that happen to be in your current directory. And you can do that by typing the dir command. You can also move between directories by using the cd command for change working directory. You can combine this with the backslash to specify a volume or a series of subdirectories that you’d like to move to. And if you’re currently in a working directory and you would like to move or reference a directory just above that, you can use the two dots or two periods to specify that you’d like to use the folder above the current working folder.

Let’s use the dir command to list out some files that happen to be in this directory. I’m currently in the working directory of c: backslash Users backslash Professor. This means that I am in the c: drive. The drive letter is c. And then the folder that I’m in is in the Users folder. And within the Users folder, I am within the Professor folder.

Let’s use the dir command. And we can list out all of the different directories that are located in this Professor folder. You can see that one of these is the Documents folder. So now let’s use the cd command to change directory to the Documents folder. And when I hit Enter, you’ll see that my working directory has changed to Users Professor Document. And if I perform the dir command, I’ll list out all of the directories and files that will be located within that Document subfolder.

If I would like to change directory back to that previous directory that’s just above this current working directory, I can use the cd command again. And of course, I could type in backslash Users backslash Professor, or I could use the shortcut of typing cd space .. To specify the previous directory. And you can see that the working directory has changed to Users Professor.

Most of the time when we want to shut down our computer, we can choose the shut down option on our desktop or we can reach down and press the power button. But very often, you’ll be working on a computer that’s located in a different room, a different building, or a different city or state where you may be located. In those cases, you may want to shut down or reboot the computer from the command line using the shutdown command.

The shutdown command has a number of different options you should know about. We’ll be using shutdown as the command. We can use the /s option after typing in shutdown to specify that we’re going to completely shut down this computer once the timer has completed. And then we will use the /t to specify this timer, where it will wait a certain number of seconds before it shuts down. So if we’d like it to shut down in 60 seconds, we would use the shutdown command with a /s, a /t, and then 60.

If we want the computer to reboot after shutting down, then we want to use the /r command instead of using the /s. And we would still have the /t command that will be our countdown timer until the system does restart. There may be times while this timer is counting down when you realize you don’t want to restart or you don’t want to shut down right now. And you can abort this entire sequence by using the shutdown /a command.

Let’s use the shutdown command to shut down our local computer that’s sitting in front of us. We’ll you shutdown. I’m going to use the /r command to restart the computer. And then I’ll specify a time of 120 seconds. And when I press Enter, anybody who’s connected to this machine will get a message on the screen that says, “You’re about to be signed out. Windows will shut down in 2 minutes.” And it says when the shutdown will start.

To be able to abort this shutdown, we would use the same command, shutdown, but with the /a. And Windows will prompt us and say the log off is canceled. The scheduled shutdown has been canceled because we use the “a” to abort the shutdown sequence.

Another command line you may come across is dism. This stands for the Deployment Image Servicing and Management tool. There’s a standard Windows imaging format called a WIM. This stands for the Windows Imaging Format. And the dism command allows you to make changes, view the files, and perform other functions associated with these WIM images.

If you need to install new applications to an image, you need to install new drivers, or change any of the updates inside of that image, you would use this dism command. To be able to view the whole scope of the dism command, I’m going to type dism with no other parameters and press Enter, and pages of information will go by.

I’m going to scroll back up until we get all the way back to the top of dism. You can see all of the options, what the description of this command is, all of the generic imaging commands, the WIM commands– and there are pages of those– the ffu commands, the image specifications, the dism options, and some examples at the bottom.

Let’s perform one of these dism commands to look at the specifications of an existing Windows image file. Let’s use the dism command. I’m going to use a /Get-WIMInfo. And then I’m going to use the /WIMfile:d: backslash sources backslash boot.wim. Let’s break down what I’ve typed in.

I first specified the dism command. I then told this command that I’d like to get WIMInfo or the information from a Windows Image File. And then I specified the location of that file by putting in the /WIMfile: and then the location of the WIM file, which happens to be on d: backslash sources backslash boot.wim.

And when I press Enter, you can see there are two indices for this file. There’s index number 1 and index number 2. There’s a Microsoft Windows PE in this first part of the index file. And you can see the size in bytes of that particular part of the image. And then there’s a Microsoft Windows Setup x64. So this is the image file that’s used for the Windows setup. And you can view all the information about that and more using the dism command.

There may be times when you’re working on a computer where you’re concerned that the core operating system files may be damaged or corrupted. Maybe malware had previously infected the system, or maybe a Windows update didn’t complete properly. One way that you could scan all of the core operating system files is to use the sfc command. That stands for System File Checker. And sfc will scan through all of those important files, locate any that may be damaged, and repair any of those damaged files.

Let’s look at all the different options for the sfc command. You can see that you have an option to scan now, to only verify the files but don’t repair the files. We can scan individual files and verify individual files. Or we can do offline repairs as well. One of the common commands you would use would be the sfc with the scannow. Let’s try that– sfc /scannow and we’ll press Enter.

And now the sfc command processes the scan, looks through all of your operating system, and locates any files that may be corrupted. If it does run into a problem, it will repair it with this scannow command. And as you can see, this takes quite a bit of time to go through all of those operating system files. But once this scan is complete, you’ll know that you have a good working operating system.

As the name implies, the chkdsk command will check your disk for errors. One of the type of checks that it performs is a logical file system check. You can perform that check by using chkdsk /f.

The other type of check it can do is much more comprehensive. It will not only check for logical file system, errors but it will try to find any bad sectors that may exist on your storage drive. And if it finds a bad sector, it will try to recover the data in that bad sector and write it to a known good sector. If you run the chkdsk /r, it will first perform the logical file system check. And then it will perform the much more intensive sector-by-sector check of your drive.

Chkdsk needs to have complete control of the drive to perform these checks. So if you are using an operating system on a drive and you’re trying to run a chkdsk disk on that same drive, you’ll get a message on your screen that says, “Chkdsk can’t run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts?” And you can choose Yes or No.

If you choose Yes, the volume will be checked the next time you restart this computer. When you start back up, you’ll get a message on your screen that says that Windows is scanning and repairing the drive and will tell you how complete it is during that process.

There’s many programs available in the graphical front end of the Windows operating system that allows you to manage the partitions on your storage drives. But if you’re working at the command line, you still need to have this functionality, even though the graphical utility isn’t available. From the command line, the utility you want to use is diskpart. This will open up a number of different options available for managing your storage devices.

To start diskpart, we’ll type “diskpart” at the command prompt. And we’ll get a diskpart prompt. There are many different options available in diskpart. If we type “help,” you can get a summary of those options.

If you want to create a volume partition or virtual disk, you can use the create command. If you want to format a partition, you can use the format command. If we want to list the different objects that are available on this particular drive, we can type list. And if we don’t put any options down, you’ll see the different options available.

For example, if you want to type list volume, you’ll see all of the different Windows volumes available on this particular computer. Once you’re done with diskpart, you want to exit back to the operating system, you simply type exit and press Enter.

You may be accustomed to using Task Manager inside of the Windows graphical desktop to– be able to manage tasks But you can also manage tasks by using the tasklist and the taskkill command. The tasklist command will show you the currently running processes. And you can either choose to look at those processes on your local computer or you can specify the processes on a remote computer.

You can then use the taskkill command to terminate tasks. And you can either use the name of the executable or the process ID, or PID, to be able to specify exactly which process you’d like to terminate. To terminate a process using its executable name, we would use taskkill with the /im and then the name of the executable. Or if you’d like to use the process ID, use taskkill /pid, the process ID number, and then /t.

On my computer, I’m still running the command prompt that’s running with the elevated administrator access. And you can see on the left side of the screen is an instance of Notepad. If I type in tasklist, we can see all of the different processes running on this computer, including down here at the bottom an instance of notepad.exe.

I could choose the option to remove all of the tasks associated with that executable, but there might be other notepads running on this computer at the same time. What I’d like to do is specify this specific process. And I know that the process ID is going to be 3192 for this notepad.exe.

So let’s run taskkill. I’m going to specify the PID of 3192 and then specify /t to terminate that process. And when I press Enter, you’ll see that notepad.exe is now terminated.

If you’re the system administrator of a number of different Windows machines, you’re probably managing those systems using Microsoft Active Directory. Active Directory allows you to implement group policies which allows the administrator to control almost every aspect of the operating system. When a user logs into their computer, these group policies are updated with all of the configurations that the system administrators have made.

There may be times when the system administrator would like to force a particular set of updates on a computer, perhaps in the middle of the day after someone has already logged in. To be able to do that, they can use the gpupdate command, which will force a group policy update to a computer. To do this, you’d use the gpupdate with a /target and the name of the computer or the name of the user. And then you use /force to force that group policy update. For example, for my particular username, I would use the gpupdate /target:professor and /force.

You can also look at the group policy settings on a particular user or a particular computer by using the gpresult command. For instance, gpresult /r will show the group policy settings on that computer. Or it can specify a particular user in a particular domain to be able to look at the results of group policy on a remote device.

Let’s look at the group policy settings on my local computer. I’ll use the gpresult /r. And it will compile the information about group policy and show what the results are of that particular query. If I scroll up to the top, you can see this is a standalone workstation running Windows 10. I can look at computer settings.

I can see if any group policy objects have been applied to this system. And since the system is not under an active domain infrastructure, I don’t have any group policies assigned. I can see security group information, user settings, and other information that’s important for understanding how group policy has been applied to this individual system.

Another useful command line utility is the format command. This is the command you’ll use to write a file system to a partition. This is a very useful command when you’re initializing a disk, but you should also be aware that this command will delete anything on that disk. So be very careful when using the format command that you don’t delete or format over the wrong partition.

On my computer, I plugged in a new USB drive that’s drive E. If I do a directory of drive E, you’ll see that it does not contain a recognized file system. So I’ll use the format command. I’ll specify e: and I’ll press Enter. It asks me to insert a new disk for drive E, which is already there, and press Enter when ready. It’s now going to perform format with all of the default options which will write a fat 32 partition to this USB drive.

The copy command is used to copy a file or a series of files from one directory to another. This can be on the same storage device or it can copy to a different storage device. There are a number of different options available for the copy command. Today we’re going to look at two of them. One is the /v option, and the other is the /y option.

/v when you include that on the copy command will verify that the files that you’ve copied were copied correctly. This is something that’s useful to do, especially if you’re copying to an external storage device or a device that you want to make sure is getting a good copy of that file.

The other option is /y. This will suppress any options that may come up to overwrite what may already exist on a destination file. In the example that we’re about to do, I’ll copy a file, and then I’ll try to copy the file again. And you’ll see the copy command will prompt us if we really want to overwrite that file, I can force that to be overwritten by using that /y option.

For this copy command, I want to copy a single file that I have, which is p3k-447-report.log. And I want to copy this to my E drive, which is my USB drive. Because I’m copying this important file, I want to be sure to use the v command to verify that the file was copied properly to that USB drive.

So I’ll start with the copy command with a /v. And then I’ll specify the name of the file that I would like to copy, which is p3k-447-report.log. Then I’ll specify the destination for this copy command, which would be my E drive, and I’ll press Enter. And you can see that one file was copied. Since we used the /v, we know that not only was the file copied, but it was verified once the file was copied to that E drive.

If I use the up arrow and I perform this exact same copy command again, you’ll see that the copy command recognizes that this file already exists on that destination drive. And it says, do I want to overwrite that particular file? And you can choose yes, no, or to overwrite all of the remaining files in this copy command. For this option, I’m going to choose yes to overwrite that file, and the exact same copy takes place.

There may be times when you want to automate these files to be copied, so you may want to bypass that prompt that comes up. So I’ll choose the copy command with a /v, and I’ll include the /y which tells the copy command if you’re ever prompted with a conflict, go ahead and choose the yes command to overwrite that file. Then I’ll choose exactly the same options as I had before– the p3k-447-report.log /e:.

And now when I press Enter, I’m not prompted at all. It simply overrides the file during the copy process. If I look at my E drive now, you can see that it contains that report file.

If you want to copy multiple files and multiple directories at a single time, you may want to use the xcopy command. This is designed to look at an entire subdirectory of files and folders and copy all of them with one single command line. Let’s run the xcopy command with a /?, and you’ll see that all of these different options are available for the xcopy command.

The one that we’re going to use is the /s option, which copies a directory and subdirectory except any that may be empty. Let’s clear the screen. And we’ll use the xcopy command. I’ll choose /s to copy the subdirectories.

I’ll choose that I want to copy my Documents folder. And this Documents folder has a number of different subdirectories within it. And then I want to choose to copy that to my e:usb drive under a folder that already exists called backups. And when I press Enter, the xcopy command will find every file that happens to exist under that Documents directory and copy them all to my E drive.

If you’re looking for a better version of xcopy, you may find it in the robust copy or robocopy command. This is a file copy utility that has a number of unique features, including the ability to resume a file transfer if it happens to be interrupted anywhere in the middle. This can be especially good for wide area network or non-terrestrial links, where you may have intermittent connectivity. On the surface, the robocopy command looks and acts very similar to xcopy, and much of the syntax is the same between the two.

Let’s use the robocopy command to copy that same Documents folder to that same backup folder that’s on my USB drive. We’ll use robocopy. I’m going to specify the /s command to copy a subdirectory. I’m going to choose my Documents folder. And then I’m going to specify e: backslash backups and hit Enter.

Robocopy will find all of the files that are under that Documents folder and copy all of them to my USB drive. After the copy is complete, you can see the results of the copy command. And you’ll see exactly how long it took to perform the copy and the type of throughput you were able to see during that copy process.